Security Issue

In order to stay ahead in today’s competitive business landscape, companies need to constantly innovate. Development teams must continually release new products, features or services and cloud technology, along with agile development practices, make this perpetual iterating feasible.

Cloud technology has undoubtedly enabled companies to innovate quickly and frequently, however, historically it’s introduced a myriad of security concerns, often causing development, operations and security teams to become overwhelmed and distracted. Today, though, security doesn’t have to hold back high-velocity, cloud-based product development cycles. Companies can achieve complete cloud security and compliance without a security issue impacting delivery speed, as long as they use the right tools and best practices across their organization.

Below are three key tips companies should consider in order to overcome any lingering security concerns and scale quickly and securely in the cloud:

1. Educate your team

For companies moving to a cloud-based infrastructure for the first time, it’s essential to discuss the change and make sure everyone understands how they will be affected before any data is migrated over. A key part of this discussion should be explaining that security is no longer just about perimeter defense and prevention; understanding the behavior of your workloads, users and environment is critical knowledge that needs to be shared. It’s important that everyone on the development, operations and security teams understand what all of their assets are doing and what’s taking place within the cloud workload at all times, as this is the best way to detect real cloud security threats as soon as they take place.

2. Track the ephemeral

Back in the days of ‘racking and stacking,’ it was easy to know what servers you had and where they were. But with cloud-based infrastructures, one of the key value propositions is elasticity: you might spin up an EC2 instance or cluster, for instance, do some data analysis for an hour or two, and then turn it off. There are advantages to such elasticity; however, it’s crucial to also have the ability to go back in time and view activity to ensure compliance and potentially investigate any risks. Additionally, as you’re building up and burning down, you want to know that those transient systems and workloads were compliant with your security posture. All too often companies focus on catching cloud security incidents only when they’re happening. But to remain consistently secure and compliant, security teams need to be able to ‘rewind’ and look at instances that may no longer exist.

3. Embrace software-defined everything

The beauty of the software-defined nature of the cloud is that it can actually make security teams’ jobs easier; they’re able to inject themselves throughout the infrastructure landscape and lifecycle. They no longer need to figure out how to capture information from switches, routers, and other devices at various layers of the network and try to correlate the data, because it’s all tied together. Additionally, integrations with tools like PagerDuty and Slack enable internal dialogues that empower non-security team members to collaborate on detection and response to potential issues. And when it’s time for security teams to intervene and investigate, deep audit trails make it possible to track not just whether a user logged in, but what processes they kicked off (and whether it was really them).

Some companies think cloud technology introduces a new layer of vulnerability, however in reality, it’s just the opposite. The cloud presents companies with an opportunity to evaluate their security requirements and reconsider their strategy and processes. It can enable security teams to focus on more strategic initiatives and also improve collaboration with Operations and Engineering teams. This, in turn, allows development, operations and security teams to spend more time on projects that drive real business value and less time frantically checking for potential security gaps.

Don’t let a past security issue prevent your company from migrating to the cloud and reaping its benefits. Discuss the change in detail and address any concerns with everyone in your organization well in advance. Track historical instances in order to ensure security and compliance, and consider implementing a cloud security solution to help gain deep insight into your environment in real-time, because software-defined everything is only possible with complete visibility (and vice versa).

Predictions of Marketing Technology

In Gartner’s 2015 Data-Driven Marketing Survey we saw three new technologies entering the hype cycle, Predictive B2B Marketing, Ad Blocking, and Mobile Wallet. Further, the 2016 Hype Cycle for Digital Marketing and Advertising suggested that the combination of four key data-centric marketing driving forces including personalization, real-time marketing systems, the employment of contextual clues, and the convergence of Martech and Adtech would lead to more appropriate uses of IoT devices and analytics, and machine learning and personalization bolstering data-centric marketing tactics. As Gartner’s 2016-2017 Chief Marketing Officer (CMO) Spend Survey predicts higher marketing budgets in 2017, one wonders what marketing technology holds for us in the year to come.

Early Adopters

In the second annual State of Marketing Technology report from Walker Sands, it’s suggested that marketers are becoming more comfortable with the ever increasing variety of tools at their disposal, many adopting martech devices more quickly. Unfortunately, more than half of today’s marketers aren’t managing to keep up with these changes. Though many marketers are seen jumping in with both feet, taking advantage of what one expert summed a landscape of nearly 4,000 solutions, just as many others are entirely overwhelmed by the new technology and requirements of the evolving digital marketing space. Surprisingly, this tremendous array of tools has not led the majority of companies to seek a single vendor for their marketing cloud, a solution which might offer greater ease of use and comfort. Instead, the majority of organizations both large and small are focusing on the integration of best-of-breed architecture to provide the best solution for each requirement, no matter the mix required.

Integration and Best-of-Breed

Along with the data suggesting best-of-breed architecture leads in martech selections, Walker Sands’ study finds that integrated best-of-breed marketing technology is the most popular and the majority of respondents believe their companies are well able to leverage the power of integrated best-of-breed tools. But fragmented best-of-breed stacks shouldn’t be disqualified just yet; currently, 21% of participants indicated use – just 6% less than those using integrated best-of-breed stacks. In fact, integration didn’t rank particularly high when respondents were asked what would better help them leverage the full power of their current marketing technology stack; instead 39% of respondents submitted that better strategy was key to this improved leveraging, and improved analytics and more training also ranked high on the list of ‘keys to fully leveraging martech stack.’

Virtual & Augmented Reality

Both virtual reality (VR) and augmented reality (AR) have recently been moving toward the mainstream with a range of industries developing methods to incorporate the once ‘science fiction’ tech. The advertising and marketing industries are no different. According to the IDC’s annual tech projections, “in 2017, 30% of consumer-facing Global 2000 companies will experiment with AR/VR as part of their marketing efforts.” As marketers recognize the value of interfaces for direct customer engagement, this evolution is occurring faster than expected and the IDC expects virtual and augmented reality adoption to reach mass levels by 2021. In just five years it’s projected that over a billion people globally will regularly use a virtual or augmented reality platform to access data, content, and apps.

It appears that, despite martech concerns such as ad-blocking tools and the effectiveness of some of the digital marketing and advertising tools, the role of digital marketing advertising moves from strength to strength and the plans for spend in this area remain high. A shift of offline media spending to digital channels is also being noted, suggesting that in years to come some of the better digital marketing tools we’re just coming to grips with today will hold an important position in the martech stack. 2017 will probably only see the foundations of a few of these innovations.

SaaS Travel Industry

The online travel industry can trace its roots to American Airlines in the late 1970s. It has grown from the SABRE (Semi-automated Business Research Environment) system, which was developed to automate booking reservations to, to a sprawling industry worth billions of dollars.

Expedia, Yahoo Travel, Booking.com, Justfly, and Priceline, makeup just a few of the companies vying to establish themselves at the top of the digital travel industry.

In 1999, before the internet became truly globalised, the Travel Industry Association of America reported that 15.1 million people in the United States booked their travel arrangements online. Worldwide digital travel sales surpassed $533 billion in 2015, a 13.3% increase from 2014, and that number is set to grow again this year. It may shock you a little to discover that, 17 years later, despite the massive growth of the internet, more than half of all travel bookings are still made offline – either over the phone or through retail travel agents.

However, the online travel industry is set to continue to grow rapidly over the next few years. It has been estimated that by 2020, the highest percentage of total sales made by online payments will be held by the travel industry (see fig. 1). This growth can be attributed to the growth of the travel industry in general, with developing countries like China and India housing an ever expanding middle class, the amount of disposable income that these countries as a whole can spend on travel is set to skyrocket over the next decade.

Of the many travel sites that have benefitted from the meteoric rise of the internet over the last decade, Justfly has been one of the more recent success stories. JustFly is the fastest growing online travel company in the US, whose exponential rise can be attributed, at least in part, to their drive to stay ahead of the curve in providing modern technological benefits with a human touch.

The fact that over half of bookings still occur offline, can give us an insight into the public desire to deal with people rather than booking sites, when it comes to travel arrangements. Sites like Justfly or Expedia, who combined the best of modern technology, along with a human component seem to be enjoying the most success. Although some airlines have attempted to lessen the impact of these middle-men, they are fighting a losing battle. Michelle Evans, the digital consumer manager at Euromonitor, commented recently that online travel agencies are leading the overall growth in online and mobile travel bookings, though there has been some growth in direct bookings for hotels and lodgings.

Co-founder of ComScore, a U.S. Internet analytics company, Gian Fulgoni did suggest that airlines have been doing more to hold onto revenue that hotels, since branded travel sites have more to lose from receiving bookings through OTA’s (Outside Travel Agencies).

In contrast to the earlier statistic, that over half of all bookings are still made offline, a 2015 report by CNBC, suggested that 7 out of 10 people using the internet in the US were visiting travel sites. So, how do we account for this gap in the statistics? People are using the internet to find and compare prices, and many of them will then go to more traditional methods of booking to finalise their arrangements. Why else would sites like Expedia and Justfly place such a high value on the need for a human element to travel booking? Justfly’s entire matra is built on combining a team of travel experts, with their “efficient and technologically bullet-proof platform”.

Add all this to the fact that TripAdvisor garnered substantially more internet traffic (14.5% share of the market) this year, than any other travel site, the stats suggest that we are becoming smarter consumers. We are learning to take all aspects of the travel industry, both digital and human, and combine them to help us to find the best prices for our travels. As Gian Fulgoni put it, “The Internet has put pricing power in the hands of the consumer“.

Cloud Security

In September, McKinsey released what might be looked back upon as a seminal survey. It opened the report with a simple, powerful declaration: “The cloud debate is over.” The data told a story that the pace of IT workloads moving to cloud is now at a “material” level and the impact would ripple across the industry. The survey reaffirmed the view of CIO’s and IT executives that security and compliance continue to be the top concerns of cloud adoption.

Now that the cloud is just accepted as a safe and viable growth path, it’s important that decision makers think about budgeting for cloud security differently. They are no longer buying hardware appliances and enterprise software. They need agile SaaS tools that can can scale and adapt to their cloud-based infrastructures to grow confidently and allow them to move even faster.

The Current State of Cloud Security

The growth of cloud adoption brings with it a serious need for more disciplined security practices. Between the MICROS/Oracle breach, the SWIFT Network attacks and a rash of healthcare industry data breaches, it seems every week there’s another major story about vulnerable data getting into the wrong hands. In today’s cloud-based business landscape, it’s no longer a question of if your organization will be targeted; it’s when.

While major cybersecurity breaches continue to dominate the news, the reality is only 3% of companies experience catastrophic losses worth more than $1 million. Smaller, internal threats are far more common for most organizations, and they can still cost companies significant capital. In fact, the Ponemon Institute found that insider activity is the most expensive ongoing cybersecurity threat to date, costing companies an average of $144,542 annually.

To combat cybercrime and proactively protect your organization, a more evolved approach to cloud security is necessary. Many organizations implement an outside-in approach, working to protect their infrastructure perimeter and company assets from malicious intruders who may be trying to gain access. However, this approach doesn’t take into account the possibility of internal threats, or hackers who have already gained access. Organizations and cloud security professionals need to focus on thwarting the advanced threats within cloud environments themselves, all while maintaining total compliance, of course.

This inside-out approach to cloud security isn’t always easy, however, and it can be made more difficult by the fact that cloud security professionals capable of handling the cloud’s advanced threats and compliance issues are becoming increasingly rare. Case in point? Cybersecurity Ventures found that the cybersecurity workforce shortage is expected to reach 1.5 million by 2019. This is creating a need for better tools to help operations teams level-up on security, thus improving operational efficiency. The big benefit: empowering those closest to the infrastructure to make the rapid changes necessary to improve security and continuously manage their security state over time.

Inside-Out Cloud Security Monitoring Considerations

Monitoring needs to occur at the workload layer, because here, activity can be monitored across multiple areas deep within the environment to accurately identify and stop inappropriate internal behavior before it causes damage.

It’s equally important for organizations to consider their Operations team when evaluating cloud security monitoring services or tools. Given the increasing overlap between Operations and security, monitoring tools should be able to integrate security alerts directly into “DevOps” workflows so teams can respond quickly and with context about what occurred. In other words, security information needs to move to where your teams are working every day and you need to choose platforms that can integrate easily and surface alerts and context in situations that matter.

One example of an inside-out approach to cloud security monitoring includes vulnerability management, which is used for scanning three key areas particularly prone to attacks: web applications, operating systems and everyday packages. With access to production, for example, a misguided or malicious employee could easily install an unauthorized package in your base AMI, or worse yet, install a package directly on production environments. With vulnerability management implemented as an inside-out strategy, however, DevOps teams can verify the attack surface of every installed package before it goes live and wreaks havoc.

By continuously monitoring for suspicious or unauthorized behaviors, organizations can identify internal threats before they spiral out of control. Real-time cloud security monitoring can aid organizations in their efforts to combat cybercrime and thankfully, such technology doesn’t require designated, in-house security professionals. However, it’s important to ensure monitoring is conducted from within the cloud workload itself and that it provides immediate and actionable alerts so DevOps teams can rapidly plan and carry out effective remediation. Lastly, to effectively protect your organization’s data, systems, customers and brand reputation, it’s critical to implement monitoring technology that can analyze normal system behavior as well as anomalous trends, so that any new or suspicious activities can be swiftly identified and contained before a breach occurs.

The Future of A.I

On Friday 21st October, the world witnessed the largest cyber-attack in history. The attack set a new precedent for the size, scale, and potential threat of cyber-attacks; it used the Mirai botnet to corrupt IoT (Internet of Things) devices and repurpose them to conduct a massive coordinated DDoS attack. The attack was registered at a massive 1.2Tbps, and, rather worryingly, there has been speculation that the hackers could have used up 5 times as many devices. Many people have been quick to declare this as the beginning of a new era in cyber-crime, and Elon Musk has speculated that it is “only a matter of time before AI is used to do this”. But how at risk are we?

Musk has also postulated that as A.I. gets better and smarter, that we could see it used to optimise attacks on the internet infrastructure, attacks like the one we saw last month. He has brought light that (in his eyes) the internet is “particularly susceptible” to something called a “gradient descent algorithm”. A gradient descent algorithm, is a mathematical process that examines a complex function and finds the optimum solution – something that A.I.s are already incredibly good at, since it is integral to machine learning. The consequence of this is ultimately that this process of optimization could be used to launch devastating IoT attacks as a result of the fine-tuned digital weaponry. Ultimately, it could lead to A.I. vs A.I. cyber-warfare on a scale that we can only imagine at the moment.

All this comes as we are on the cusp of an A.I. revolution, the idea of A.I. no longer seems to be some far off concept; it is within our grasp. Yet, there are many parties warning of the vast dangers of A.I., including some of the greatest minds on earth. Bill Gates, Elon Musk, and Stephen Hawking all fear what A.I. could mean for the human race as a whole. Hawking has warned that the moment robots gain the ability to build and redesign themselves, that they will continue to do so faster and faster. Thus spelling the end for the human race as the dominant species on the planet,

“Once humans develop artificial intelligence, it will take off on its own and redesign itself at an ever-increasing rate….. Humans, who are limited by slow biological evolution, couldn’t compete and would be superseded.” Similarly, Elon Musk made headlines speaking at the MIT Aeronautics and Astronautics department’s Centennial Symposium in October, when he compared creating artificial intelligence to summoning a demon.

“I think we should be very careful about artificial intelligence. If I were to guess like what our biggest existential threat is, it’s probably that. So we need to be very careful with the artificial intelligence…. With artificial intelligence we are summoning the demon. In all those stories where there’s the guy with the pentagram and the holy water, it’s like yeah he’s sure he can control the demon. Didn’t work out.”

Bill Gates, although noting what A.I. and automation can do for us, has also called for great caution to be taken. In a recent AMA on Reddit he questioned why some people aren’t as worried as he is!

“First the machines will do a lot of jobs for us and not be super intelligent. That should be positive if we manage it well. A few decades after that though the intelligence is strong enough to be a concern. I agree with Elon Musk and some others on this and don’t understand why some people are not concerned.”

Those of you who watch Westworld (HBO) will have seen this fear in its earliest form, where one of the A.I. robots is able to understand that it is controlled by a computer, and blackmails two engineers into making it much smarter than it “should be” – a terrifying and chilling moment, perhaps due to the fact that this could soon be reality. The technology is already coming into mainstream culture; Ross the A.I. lawyer has just been hired by a US law firm, Google’s A.I. has already pushed the limits of A.I. creativity, by creating abstract works of art, and that same A.I. has now created it’s very own form of encryption.

With all of these technologies becoming more and more prevalent in our society, it is key that we understand the risks of what we are doing, and take proper precautions. When the people who have led the tech revolution are warning of its risks, you know it is time to listen.

Big Data Mandates

For some years a dearth of data scientists and analysts has caused concern, with McKinsey expecting a demand for analytical expertise 60% greater than available supply by 2017. Additionally, Gartner predicts a shortage of 100,000 data scientists in the US by 2020. In more recent findings, Accenture reported the vast majority of its clients intended to hire employees with data science capabilities but over a third cited lack of talent an impediment. It should come as no surprise that this relatively new, but booming, arena is undergoing significant shifts; big data has suddenly been recognized as a valuable commodity, organizations are investing in big data analytics to improve strategies and operations, and universities and colleges are creating and streamlining data analytics training programs to meet these new skill requirements.

Big Data Analytics

In businesses around the world, the role of big data analytics has grown. Though big data is readily identified as a golden ticket to business success, most organizations are only just coming to terms with the need for suitable data science skills to turn this barrage of information into valuable and constructive insight. Some of the benefits gleaned from analyzed data and predictive analytics include targeted marketing campaigns that provide well-timed offers to the right people, exceptional customer service through better anticipation of needs, and progressive business models able to leverage connectivity for greater success.

As valuable as the data science tools we currently utilize are, industry experts believe the future holds much more. The International Institute for Analytics expects automated data curation and management to free up data scientists and analysts to do more of the work that interests them in future years while the IDC predicts that through 2020 spending on data preparation and self-service visual discovery tools will grow two and a half times faster than traditional IT-controlled tools for comparable functions. Unfortunately, the skills shortage is likely to persist, and Forrester believes the demand won’t be met in the short term, “even as more degree programs launch globally.”

Big Data Training

No matter the pessimism of some of our top analysts, educational programs aimed at bridging the big data skills gap are increasing and advancing. For those commencing training, a shortage of skills is a distinct advantage as they prepare for a market in which they have the upper hand. At the end of last year, RJMetrics reported that only 11,400 professionals classified themselves as data scientists and 52% of all data scientists had achieved their titles in the last four years. Many companies simply can’t wait for the next batch of graduates to meet their needs and some of the more progressive are implementing their own training schemes which encourage skill development within the organization. Along with STEM schools, online training platforms, and university partnerships, in-house training may help enlarge our skills pool.

It’s interesting also to note that Gartner expects an increase of citizen data scientists in the coming years; states Rita Sallam, VP of Research at Gartner, “Through 2017, the number of citizen data scientists will grow five times faster than the number of highly skilled data scientists.” As businesses and educational institutions provide their own investments into big data skills, it’s important to remember the opportunities technology has offered and continues to offer the self-made individual; opportunities abound too for the unconventionally trained but astute data scientist and as we navigate the current skills gap many have as much sway as their graduate colleagues.

Taking Advantage of the Talent Gap

According to SAS, a provider of industry-leading analytics software and solutions, it’s possible to turn the “analytical talent gap into an analytical talent dividend.” Developing key insights from MIT Sloan Management Review Research Report, “The Talent Dividend,” SAS highlights the value of finding talent that already exists in the business, integrating new hires with existing specialists, and pairing data scientists with business domain experts for better results. Practical business leaders are quickly learning that an innovative approach to talent cultivation often affords greater rewards.

Corporate Board Member Security

It’s every company’s worst nightmare: waking up to find your confidential company information plastered across The Wall Street Journal. Salesforce was a victim of just that when Colin Powell, a corporate board member, had his emails hacked and posted on DCleaks. One email contained a confidential slide deck detailing acquisition targets being considered by Salesforce. Although this information likely wasn’t what the hackers were looking for when they gained access to Powell’s private emails, Salesforce became the latest victim of this type of cybercrime.

There were 14 potential targets on the list that included Adobe, LinkedIn, Pegasystems, Box and Hubspot. Although several of these companies, such as LinkedIn and NetSuite, were already acquired this year, many others are still available and potentially in play. Powell has accidentally leaked some of Salesforce’s growth and innovation strategy, which Salesforce’s competitors are now privy to. It’s conceivable that a competitor could use the leaked information for their own benefit and swoop in to make a deal.

Many companies have strict internal information-sharing policies, but board members often are not required to follow the same rules, even though they have access to extremely sensitive information such as earnings reports, C-suite level communications and M&A target lists. Using email or consumer-grade file sharing apps to share sensitive corporate files exposes companies to a wide range of risks, and the consequences can be dire. Public embarrassment and damaged reputation aside, board members have been named in shareholder lawsuits as a result of data breaches, and activist investors have successfully removed board members after a breach.

Board members should be taking proactive steps to better protect their sensitive information and improve online security. However, it is important to remember that the ultimate responsibility for securing the board data lies with the company. The following tips aren’t groundbreaking, but they work, and are too often overlooked and forgotten:

Create strong, unique passwords for any site you access. Don’t reuse passwords, especially for important applications like online banking or file storage.

Only use file sharing services with two-factor authentication.This means, for example, that, when you log in from a new computer and enter your password, you’ll have to enter a code before you can access the account. This will rule out consumer-grade apps with a potentially lower security threshold than enterprise-level apps.

Separate business and personal files. It’s never a good idea to share personal information and business data through the same file sharing service or account. Many employers have rules against storing business information in consumer-grade file sharing tools, which is why they blacklist these types of applications.

Monitor your accounts regularly to catch theft or suspicious activity early on and reduce potential damage.In this case, Powell was a victim of a spear-phishing attack, where hackers target individuals with personally relevant information. Always assume you could be at risk.

Remember that email has been proven, time and again, unsafe for sharing confidential information. If a document needs to be shared externally, ensure you are using a secure file sharing system, not email, so that if the document falls into the wrong hands nobody else can open the file.

Consider applying expiration dates to files to time-bound documents.

Be extremely prudent about where you store your data.

Corporate board members ignore cybersecurity best practices at their own peril. This goes double for board members with a high profile like Colin Powell, who can be targeted by ‘hacktivists’ for a variety of reasons unrelated to their board positions. Don’t let you or your company become the next casualty in our cyber-insecure world.

What Top SaaS Vendors Do I am not going to mention names in this article, but if you want to be the best, you must look at what the best do – and do it better. The importance of investing in SaaS onboarding can be easily overlooked in favor of designing efficient and powerful software…

The Future of File Storage A multi-billion dollar market Data storage has been readily increasing for decades. In 1989, an 8MB Macintosh Portable was top of the range; in 2006, the Dell Inspiron 6400 became available, boasting 160GB; and now, we have the ‘Next Generation’ MacBook Pro with 256GB of storage built in. But, of course,…

High Cost of DDoS Attacks Distributed Denial of Service (DDoS) attacks involve the use of multiple compromised systems, often infected with a Trojan, to target a single system. The array of compromised systems flood the resources or bandwidth of their victims, typically one or more web servers, in an attempt to make an online service…

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the business world as a whole. In 1983, the first commercially handheld mobile phone debuted and provided workers with an unprecedented amount of availability, leading to more productivity and profits. More recently, the Cloud has taken…

10 Trending US Cities For Tech Jobs And Startups Traditionally actors headed for Hollywood while techies made a beeline for Silicon Valley. But times are changing, and with technological job opportunities expanding (Infographic), new hotspots are emerging that offer fantastic opportunities for tech jobs and startup companies in the industry. ZipRecruiter, an online recruitment and job…

Shadow IT To Remain A Focus Shadow IT, a phenomenon defined as building internal IT systems without the official organizational approval has been a growing concern for CIOs over the last few years. In 2015, it climbed to the top of the list of the emerging IT threats, with as much as 83% CIOs reporting…

Monetizing Internet Of Things There are many interesting ways in which companies are looking to connect devices to the cloud. From the vehicles to kitchen appliances the internet of things is already a $1.9 trillion dollar market based on research estimates from IDC. Included is a fascinating infographic provided by AriaSystems which shows us some of the exciting…

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

Cloud Computing Price War There’s little question that the business world is a competitive place, but probably no area in business truly defines cutthroat quite like cloud computing. At the moment, we are witnessing a heated price war pitting some of the top cloud providers against each other, all in a big way to attract…

IoT For Automotive Deconstructed The IoT automotive industry is moving rapidly with many exciting growth opportunities available. We’ve written about some of the risks and benefits as well as some of the players involved. One thing for certain as that the auto industry is starting to take notice and we can expect the implementation of a…

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

The 80-20 Rule For Security Practitioners Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards.…

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more…

Identity and Access Management The identity and access management market continues to grow in a wide variety of industries of all sizes. As has been much discussed in many headlines, this is primarily because of three main reasons: 1) It is much more cost effective to implement than in past years; 2) Solutions can be…

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…

Cloud Security Missteps Cloud computing remains shrouded in mystery for the average American. The most common sentiment is, “It’s not secure.” Few realize how many cloud applications they access every day: Facebook, Gmail, Uber, Evernote, Venmo, and the list goes on and on… People flock to cloud services for convenient solutions to everyday tasks. They…

The Legal Battle For Privacy In early June 2013, Edward Snowden made headlines around the world when he leaked information about the National Security Agency (NSA) collecting the phone records of tens of millions of Americans. It was a dramatic story. Snowden flew to Hong Kong and then Russia to avoid deportation to the US,…